Application Control Software – Also known as “whitelisting,” this software blocks unauthorized

applications and code on PCs and RTUs. ACE3600 firmware protects user programs with this technique, and ACE3600

configuration management tools on PCs are protected with McAfee™ Solidifier.

Encryption – An algorithm makes data readable only by a device with a specific key to decrypt the message. Data

stored within the ACE3600 is also encrypted using a 256 bit AES (Advanced Encryption Standard), meeting FIPS

140-2 Level 1 requirements.

Unused Port Deactivation – Disable communication for any ports that are unused, closing a point of access that

could be exploited by attackers.

Time-Window Commands – When an application generates a command, it assigns a time window; after

the time expires, system components will not execute the command.

This can prevent replicating errors and commands of questionable origin from affecting the network.